CORE PRIVILEGED ACCESS SECURITY
Secure and Protect Privileged Accounts and Credentials. Everywhere.
The Core Privileged Access Security Solution unifies Enterprise Password Vault, Privileged Session Manager and Privileged Threat Analytics to protect an organization’s most critical assets.
POUR LA SÉCURITÉ
Secure, rotate and manage privileged credentials to reduce risk; monitor and record all privileged access activity; automated prevention and remediation of high-risk activities.
POUR LES OPÉRATIONS
Streamline administrator and end user workflow including just-in-time access; easy and comprehensive integration across the technology stack; support for automation via REST APIs.
End-to-end reporting with full, detailed audit trail of privileged activity across complex and hybrid environments; improve and prioritize audit review cycle times based on risk.
Nous avons évalué d’autres solutions, mais nous avons choisi celle de CyberArk, car c’est celle qui répond le mieux à nos besoins en matière de cybersécurité. Nous apprécions le concept de la plate-forme de CyberArk et la possibilité de centraliser et de gérer en toute sécurité les informations d’identification. CyberArk permet également de gérer les clés SSH, ce qui a été déterminant pour nous.
Marcos Henrique Igutti – Information Security Officer at FS
FS relies on CyberArk Privileged Access Security Solution
KEY FEATURES: STANDARD CORE PAS
Risk-based credential protection and session management to prevent and mitigate attacks involving privileged access.
Organizations can’t secure what they don’t know exists. CyberArk provides several methods for discovering privileged accounts and credentials, including the standalone Discovery & Audit (DNA) Tool and accounts discovery functionality that comes standard with the Core Privileged Access Security Solution. CyberArk scans all distributed networks and discovers both local and domain accounts on Windows systems as well as SSH keys, root and other local accounts on *NIX. All relevant privileged account information is retrieved (e.g. dependencies, created date, etc.), and are placed in the Pending Accounts page within the CyberArk web portal. Administrators have the ability to set policy that establishes automatic account onboarding via REST API, among others aimed at streamlining workflow efficiency.
Once all privileged accounts have been discovered and on-boarded, policy can be set to establish credential strength (e.g. length and complexity) as well as frequency of rotation. Any shared accounts can also be rotated based on policy, such as credentials being used in multiple locations are not reused or used simultaneously, and are rotated directly after each individual use. Users can also access critical systems “just-in-time” by being added provisionally to a shared local administrator account on Windows servers for a pre-determined amount of time reducing the need for lower priority managed credentials.
Workstations are often a soft target for attackers to penetrate the network and can be leveraged by malicious actors to jump laterally throughout the environment. CyberArk enables secure connections to critical systems through the use of a secure proxy that is fully isolated and thus never exposing privileged credentials directly to the end users or their client applications or devices. This secure control point manages access to these privileged credentials and implements dual-control for a more robust workflow, providing users with customized approval workflows that ensure they are in compliance with accessing the right systems.
End-users can connect securely in a variety of ways, one being directly through the CyberArk web portal for general access. Users who prefer a more native workflow can request a secure connection to CyberArk directly from their workstations using any standard RDP client application for Windows, as well as native command line connectivity to *NIX and other SSH based systems. Additionally, CyberArk provides secure access to a range of as-a-service applications and cloud platforms via the native application login screen, delivering a native and transparent user experience to administrators.
In breach scenarios, finding the exact cause and ensuring it can be contained is harder than finding a needle in a haystack. With CyberArk, all privileged sessions are automatically recorded in video and/or text format and stored and encrypted within a tamper-resistant Digital Vault. Log files can be easily accessed by security and audit teams alike to support both compliance and digital forensics. Ad hoc connections can also be brokered to target systems that are unmanaged by the Core Privileged Access Security Solution. Administrators also have the ability to filter any keystrokes or commands like SSH logging or HTTPS that are recorded throughout privileged connections to minimize unwanted audit records, thus reducing the number of audit records stored.
When reviewing sessions, each recording has a clickable table of contents that enables reviewers to go directly to specific activities or commands. To further the operational use of CyberArk, each session is assigned a risk score that can be sorted and viewed by administrators to jump directly to the most critical activities within the environment.
Having a viewable trail of privileged activity is important, but very few organizations have the staff or resources to view everything occurring within the environment. It’s both an exhausting and error-prone method for cybersecurity. CyberArk automatically captures audit records for each command and/or event that is executed or keystrokes that are typed and assigns each session with a risk score based on pre-defined policy. This enables security operations center personnel to take a risk-based approach by prioritizing the riskiest activities occurring within the environment by sending and receiving automatic alerts to and from Security Information and Event Management (SIEM) or User and Entity Behavior Analytics (UEBA) tools.
The Core Privileged Access Security Solution is able to detect attempts at bypassing or circumventing privileged controls in real-time and can both alert administrators as well as take automatic action to reduce the number of unmanaged access points to critical systems.
Sophisticated attackers can breach the network and gain access to critical systems and resources in record time. How effective are security controls that are heavily reliant on manual intervention? Attackers can lay in wait for extended periods of time without ever being picked up by security controls or administrators. Having built-in, automated remediation controls in place is necessary for maintaining a strong security posture for the modern enterprise. CyberArk can automatically rotate credentials in the event of risky behavior such as credential theft, bypassing the Digital Vault, or unmanaged access; in order to mitigate risk in real-time without relying on manual intervention. Unmanaged accounts can be automatically on-boarded and managed through CyberArk’s continuous discovery capabilities. Additionally, in the event of privileged sessions reaching a certain risk score, administrators can establish policies to either to stop suspicious behavior before doing irreparable damage to the business.
KEY FEATURES: ADVANCED CORE PAS
Advanced modules are fully integrated into the Standard Core Privileged Access Security Solution to provide a comprehensive solution for security, audit and IT teams across on-premises, hybrid and cloud environments.
In many organizations, IT administrators, application developers, database administrators and others have permanent, continuous and anonymous superuser privileges. While some level of privileged access to business critical systems and data is required, many users have far more privileges than needed for their day-to-day tasks.
Least Privilege Server Protection for *NIX enables organizations to centrally manage and enforce granular access controls and establish superuser accountability, provide a full audit trail and recording of all privileged access activity on Unix/Linux systems.
Privileged Windows servers accounts are a common target for hackers and cyber criminals. Internal and external attackers can exploit privileged server accounts to gain access to critical business systems, disrupt service or steal confidential information.
Least Privilege Server Protection for Windows enables organizations to enforce granular least privilege policies for IT administrators, efficiently segregate duties on Windows servers and tightly manage and control which applications are permitted to run on Windows servers to protecting against malware and ransomware.
Advanced attacker are in search of domain administrator privileges given the unrestricted level of access and control these credentials provide throughout the IT landscape. These powerful accounts permit attackers to manipulate the most sensitive assets in the network – Domain Controllers (and Active Directory) – completely hidden from view of other users and outside the purview of security solutions designed to prevent such attacks. The Domain Controller Protection Solution enables organizations to protect domain controllers’ local credential stores (e.g. LSASS, NTDS.dit, and LSA) and can detect malicious activity in real time. The solution enforces credential boundaries for domain administrators without adding unnecessary complexity, cost and burden to end users, and simultaneously enables security teams to respond effectively with a detailed account of each security event on domain controllers.
OPTIONS DE DÉPLOIEMENT FLEXIBLES
Deploy CyberArk in a variety of ways to match business needs and preferences. Select from a variety of deployment options based on control and flexibility.
CYBERARK PRIVILEGED ACCESS
The CyberArk Core Privileged Access Security Solution provides organizations with the ability to take a risk-based approach to credential and session management. Enforce least privilege principles and lock down domain controllers to defend against both internal and advanced persistent threats.
VOUS ÊTES PRÊT À COMMENCER ?
Suivez la visite guidée CyberArk pour comprendre pourquoi CyberArk est le leader du marché de la sécurité des accès à privilèges.